Engineer bought prison laptop and 1,200 incarcerated folks lost their devices

I hope Zhang doesn't feel too bad for accidentally setting this in motion. The fault lies entirely with the manufacture's poor security practices and the overreaction of the corrections officials, but I bet there are still going to be people pointing fingers at him saying "you shouldn't have hacked that laptop and published your findings! Now all these students lost their laptops because of you!"

If you follow the Twitter thread, the secure boot password was stored as a SHA-1 hash. So someone eventually brute forced it, and it&#x27;s &quot;N%(dU32p&#x27;&quot;.<p>But, the prisons can&#x27;t just change the default, because the design is that it writes the bios setup, including the default password, back to the device at power down.<p>So, there didn&#x27;t really appear to be any other option for the prisons other than collecting them all and sending them back for a fairly big update.

So many official idiocies get justified as &quot;an abundance of caution.&quot; One might almost hope the phrase itself would become a warning sign of impending mistake; allowing officials to avoid the predictable disasters that follow.

&gt; incarcerated folks<p>AKA &quot;prisoners&quot;. If only we could find a way to harness all these euphemism treadmills for electricity generation, then that might provide an <i>actual</i> social benefit

Off topic, but other than the goofy green touchpad I gotta say I love the aesthetics. I&#x27;d totally rock a transparent laptop.

They took them away to give them security updates. Non-story.

Aside, &quot;published on a hacker website&quot; referring to hackaday tickled me pink.

My question is -- why was a prison laptop on sale on Ebay in the first place? If they&#x27;re soooooo concerned about security, maybe don&#x27;t have these out in the wild?<p>I&#x27;m betting a prison employee stole that from work and sold it on the sly to make an extra few hundred bucks. Probably breaks some rules, no?